So You Think you Have Enough Bandwidth ?


There are actually only two tiers of bandwidth , video for all , and not video for all. It is a fairly black and white problem. If you secure enough bandwidth such that 25 to 30 percent of your users can simultaneously watch video feeds, and still have some head room on your circuit, congratulations you have reached bandwidth nirvana.

Why is video the lynchpin in this discussion?

Aside from the occasional IOS/Windows update, most consumers really don’t use that much bandwidth on a regular basis. Skype, Chat, E-mail, Gaming, together, do not consume as much bandwidth as video. Hence the marker species for congestion is Video.

Below  I have presented some of the metrics to see if you can mothball your bandwidth shaper.

1) How to determine the future bandwidth demand. Believe it or not, you can outrun your bandwidth demand , if your latest bandwidth upgrade is large enough to handle the average video load per customer.  Then it is possible that no further upgrades will be needed, at least in the foreseeable future.

In the “Video for all” scenario the rule of thumb is you can assume 25 percent of your subscribers watching video at any one time . If you still have 20 percent of your bandwidth left over, you have reached the video for all threshold.

To put some numbers to this

Assume 2000 subscribers, and a 1 gigabit link. The average video feed will require about 2 megabits. This would mean, to support video 25 percent of your subscribers would use the entire 1 gigabit and there is nothing left over anybody else, hence you will run out of  bandwidth.

Now if you have 1.5 gigabits for 2000 subscribers you have likely reached the video for all threshold, and most likely you will be able to support them without any advanced intelligent bandwidth control . A simple 10 megabit rate cap per subscriber is likely all you would need.

2) Honey Moon periods are short-lived  The reason why the reprieve  in congestion after a bandwidth upgrade is so short-lived is usually because the operator either does not have a good intelligent bandwidth control solution or they take their existing solution out thinking mistakenly they have reached the “video for all” level. When in reality they are still under the auspices of the video not for all . They are lulled into a false sense of security for a brief honeymoon period.  After the upgrade things are okay. It takes a while for a user base to fill the void of a new bandwidth upgrade.  Unless you have the numbers to support 25 to 30 percent of your user base running video you will need some kind of bandwidth control.

Application Shaping and Encryption on a Collision Course


Art Reisman, CTO APconnections

I have had a few conversations lately where I have mentioned that due to increased encryption, application shaping is really no longer viable.  This statement without context evokes some quizzical stares and thus inspired me to expound.

I believe that due to increased use of encryption, Application Shaping is really no longer viable…

Yes, there are still ways to censor traffic and web sites, but shaping it, as in allocating a fixed amount of bandwidth for a particular type of traffic, is becoming a thing of the past. And here is why.

First a quick primer in how application shaping works.

When an IP packet with data comes into the application shaper, the packet shaper opens the packet and looks inside.  In the good old days the shaper would see the data inside the packet the same way it appeared in context on a web page. For example, when you loaded up the post that you are a reading now, the actual text is transported from the WordPress host server across the internet to you, broken up in a series of packets.  The only difference between the text on the page and the text crossing the Internet would be that the text in the packets would be chopped up into segments (about 1500 characters per packet is typical).

Classifying traffic in a packet shaper requires intercepting packets in transport, and looking inside them for particular patterns that are associated with applications (such as YouTube, Netflix, Bittorrent, etc.).  This is what is called the application pattern. The packet shaping appliance looks at the text inside the packets and attempts to identify unique sequences of characters, using a pattern matcher. Packet shaping companies, at least the good ones, spend millions of dollars a year keeping up with various patterns associated with ever-changing applications.

Perhaps you have used HTTPS, ssh. These are standard security features built into a growing number of websites. When you access a web page from a URL starting with HTTPS, that means this website is using encryption, and the text gets scrambled in a different way each time it is sent out.  Since the scrambling is unique/different for every user accessing the site, there is no one set pattern, and so a shaper using application shaping cannot classify the traffic. Hence the old methods used by packet shapers are no longer viable.

Does this also mean that you cannot block a website with a Web Filter when HTTPS is used?

I deliberately posed this question to highlight the difference between filtering a site and using application shaping to classify traffic. A site cannot typically hide the originating URL, as the encryption will not begin until there is an initial handshake. A web filter blocks a site based on the URL, thus blocking technology is still viable to prevent access to a website. Once the initial URL is known, data transfer is often set up on another transport port, and there is no URL involved in the transfer. Thus the packet shaper has no idea of where the datastream came from, nor is there any pattern that can be discerned due to the encryption stream.

So the short answer is that you can block a website using a web filter, even when https is used.  However, as we have seen, the same does not apply to shaping the traffic with an application shaper.

NetEqualizer News: March 2015


March 2015

Greetings!

Enjoy another issue of NetEqualizer News! This month, we announce the NE5000 (our Next Generation NetEqualizer solution), highlight our recent 8.2 Release (DDoS Monitoring and IPv6 Shaping), preview our upcoming 8.3 Release (Expanded RTR), and update you on NetEqualizer Tech Seminars and conferences. As always, feel free to pass this along to others who might be interested in NetEqualizer News.

A message from Art…
Art Reisman, CTO – APconnections

As we move closer to spring, I am ready for a thaw. artHere in the U.S., most of the country has been locked in snow and ice this winter. We are all ready for warm weather! As I think about warmer days, I start thinking about growing new things, and am happy to announce that as we continue to grow our capabilities, we are also building out advanced hardware platforms. This month we announce our Next Generation NetEqualizer!

We also continue to grow our next release (8.3), in which we are building out additional reporting (RTR) capabilities. Our goal is to have all of the new features released by late spring. And finally, our 8.2 DDoS Monitor, Firewall, and IPv6 equalizing release is now Generally Available.

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

Announcing the Next Generation NetEqualizer! The NE5000 is Now Available

The next generation NetEqualizer is here!

Introducing the NE5000 – our top-of-the-line powerhouse solution for larger organizations.

neteq

The NE5000 comes standard with bi-directional 10 Gbps fiber (40 Gbps fiber optional), and it can shape bandwidth for up to 50,000 concurrent users.

There are also a few exciting additions to the NE5000 not seen in previous models.

• First, we included built-in redundancy so that the device fails open.
• Second, we included built-in power redundancy as well so that the unit will never experience sudden outages.
• And third, we included a built-in management port to make network integration and management even easier.

Take a look at our price list for pricing information, or contact us if you have questions!

contact_us_box-1


8.2 Release is Now Generally Available!

Our 8.2 Release is now generally available! This release includes two primary new features:

Distributed Denial of Service (DDoS) Monitoring

We are hearing that many of our customers need help with the onslaught of DDoS attacks on their networks. As the NetEqualizer is implemented near the network perimeter, and has visibility to all incoming and outgoing traffic, we are able to analyze traffic behavior and report on suspected DDoS attacks. Once identified as suspected DDoS, the NetEqualizer can then be used to block further traffic as needed.

IPv6 Bandwidth Shaping

For several years we have provided visibility to IPv6 traffic flowing through the NetEqualizer, to give you a view into how much IPv6 is on your network. We now feel that IPv6 has gained enough momentum to be a noticeable percentage on our customers’ networks. Therefore, as of 8.2 we are offering equalizing for IPv6 traffic. This will ensure that your full network gets the benefit of improved QoS during peak periods, for both IPv4 and IPv6 traffic.

The 8.2 update is simple and easy to install. We recommend upgrading as soon as possible in order to be properly prepared should a DDoS attack happen to you.

You can read more about these features in our release notes here. Our User Guide has also been updated with more information about how these features work.

These features are free to customers with valid NetEqualizer Software and Support who are running version 8.0+. If you are not current with NSS, contact us today!

contact_us_box-1


Update on 2015 Tech Seminars and Conferences

Throughout 2015, we’ll be using our Newsletter to update you on Tech Seminars that NetEqualizer is hosting, as well as conferences we’ll be attending. Stay tuned!

Here is what we currently have planned for the near future:

NetEqualizer Tech Seminar

We are currently exploring sites for a Tech Seminar in the UK during the summer or fall 2015. As of this newsletter, nothing is neteq seminar logo with borderfinalized. If you would like to host a tech seminar, we are also open to visiting a domestic site here in the U.S. or Canada, so please don’t hesitate to contact us.

edACCESS Conference

edACCESS provides support and networking for information technology staff at secondary schools and small colleges. Most members come from schools with under 1,000 students.edaccess

We will be joining in the edACCESS conference at Mercersburg Academy on June 24, 2015 for Vendor Day! Feel free to stop by and pick up some NetEqualizer bling!

If you have questions on either the NetEqualizer Tech Seminar or the edACCESS conference, contact us!

contact_us_box-1


8.3 Release (Expanded RTR) Arriving in Late Spring

Over the last few months we’ve continued to invest heavily in expanding our Real-Time Reporting (RTR) to make it even more robust. In late spring of this year, our 8.3 Release will be generally available.

The 8.3 Release includes many features our customers have asked for in the past to help improve their reporting experience. Here are just a few of the exciting new features:

Real-Time Pool and VLAN Dashboard

The current version of RTR has a real-time dashboard which shows current bandwidth usage. In Release 8.3, however, we’ve enhanced the dashboard to include both real-time pool and real-time VLAN bar graphs showing current usage. You can also easily see when your pools and/or VLANs are Equalizing.

Pools

Summary IP Reports

One of the most popular features in ntop, our previous reports offering, was the Summary Hosts Report, which highlighted how much bandwidth a particular IP address had used over a certain time period. In Release 8.3, we’ve added our own summary IP reports into RTR! Summary IP Reports is even better, as it will enable you to run custom database queries against all of the stored historical data to find exactly what you need. We will also include a handful of sample summary reports for common queries.

summary

Historical Penalty Graphs

In Release 8.3, you’ll be able to see how the NetEqualizer has penalized traffic over time. RTR will now include graphs for tracking how many penalties are being enforced each minute. We’ll then store the data for up to four weeks. And, just like our other graphs, you’ll be able to export the data for retention if you so choose. This has been one of our most commonly requested features, and now it’s here!

penalties

Once 8.3 reaches GA, these features will be free to customers with valid NetEqualizer Software and Support who are running version 8.0+ If you are not current with NSS, contact us today!

contact_us_box-1


Best Of The Blog

10 Things to Consider when Choosing a Bandwidth Shaper

By Art Reisman – CTO – APconnections

This article is intended as an objective guide for anyone trying to narrow down their options in the bandwidth controller market. Organizations today have a plethora of product options to choose from. To further complicate your choices, not only are there specialized bandwidth controllers, you’ll also find that most Firewall and Router products today contain some form of bandwidth shaping and QoS features.

What follows is an all-encompassing list of questions that will help you to quickly organize your priorities with regards to choosing a bandwidth shaper.

1) What is the Cost of Increasing your Bandwidth?

Although this question may be a bit obvious, it must be asked. We assume that anybody in the market for a bandwidth controller also has the option of increasing their bandwidth. The costs of purchasing and operating a bandwidth controller should ultimately be compared with the cost of increasing bandwidth on your network.

2) How much Savings should you expect from your Bandwidth Controller?

A good bandwidth controller in many situations can increase your carrying capacity by up to 50 percent. However, beware, some technologies designed to optimize your network can create labor overhead in maintenance hours. Labor costs with some solutions can far exceed the cost of adding bandwidth…

Photo Of The Month
snowshoe
Snowshoeing in Snowy Colorado
The snow this year broke records all over the U.S.! February was the snowiest February on record for Colorado. This is a picture of Boulder County Open Space, which is like a park, as everyone can use it for recreation. It is shared by a farmer to graze cows in the spring & summer. Here, one of our staff takes advantage of a snowy day to snowshoe.

The Technology Differences Between a Web Filter and a Traffic Shaper


First, a couple of definitions, so we are all on the same page.
A Web Filter is basically a type of specialized firewall with a configurable list of URLs.  Using a Web Filter, a Network Administrator can completely block specific web sites, or block complete categories of sites, such as pornography.

A Traffic Shaper is typically deployed to change the priority of certain kinds of traffic.  It is used where blocking traffic completely is not required, or is not an acceptable practice.  For example, the mission of a typical Traffic Shaper might be to allow users to get into their Facebook accounts, and to limit their bandwidth so as to not overshadow other more important activities.  With a shaper the idea is to limit (shape) the total amount of data traffic for a given category.

From a technology standpoint, building a Web Filter is a much easier proposition than creating a Traffic Shaper.  This is not to demean the value or effort that goes into creating a good Web Filter.  When I say “easier”, I mean this from a core technology point of view.  Building a good Web Filter product is not so much a technology challenge, but more of a data management issue. A Web Filter worth its salt must be aware of potentially millions of various websites that are ever-changing. To manage these sites, a Web Filter product must be constantly getting updated. The product company supporting the Web Filter must search the Web, constantly indexing new web sites and their contents, and then passing this information into the Web Filter product. The work is ongoing, but not necessarily daunting in terms of technology prowess.  The actual blocking of a Web site is simply a matter of comparing a requested URL against the list of forbidden web sites and blocking the request (dropping the packets).
A Traffic Shaper, on the other hand, has a more daunting task than the Web Filter. This is due to the fact that unlike the Web Filter, a Traffic Shaper kicks in after the base URL has been loaded.  I’ll walk through a generic scenario to illustrate this point.  When a user logs into their Facebook account, the first URL they hit is a well-known Facebook home page.  Their initial query request coming from their computer to the Facebook home page is easy to spot by the Web Filter, and if you block it at the first step, that is the end of the Facebook session.  Now, if you say to your Traffic Shaper “I want you to limit Facebook Traffic to 1 megabit”, then the task gets a bit trickier.  This is because once you are logged into a Facebook  page subsequent requests are not that obvious. Suppose a user downloads an image or plays a shared video from their Facebook screen. There is likely no context for the Traffic Shaper to know the URL of the video is actually coming from Facebook.  Yes, to the user it is coming from their Facebook page, but when they click the link to play the video, the Traffic Shaper only sees the video link – it is not a Facebook URL any longer. On top of that, often times the Facebook page and it’s contents are encrypted for privacy.
For these reasons a traditional Traffic Shaper inspects the packets to see what is inside.  The traditional Traffic Shaper uses Deep Packet Inspection (DPI) to look into the data packet to see if it looks like Facebook data. This is not an exact science, and with the widespread use of encryption, the ability to identify traffic with accuracy is becoming all but impossible.
The good news is that there are other heuristic ways to shape traffic that are gaining traction in the industry.  The bad news is that many end customers continue to struggle with diminishing accuracy of traditional Traffic Shapers.
For more in depth information on this subject, feel free to e-mail me at art@apconnections.net.
By Art Reisman, CTO APconnections

NetEqualizer News: February 2015


February 2015

Greetings!

Enjoy another issue of NetEqualizer News! This month, we introduce an exciting new DDoS protection feature for NetEqualizer, share the results of our recent Holiday Giving Campaign, and preview our NetEqualizer 2015 Tech Seminar. As always, feel free to pass this along to others who might be interested in NetEqualizer News.

A message from Art…
Art Reisman, CTO – APconnections

Over the period of one week, we were contacted several times from customers asking us if the artNetEqualizer could do something to alleviate an ongoing Distributed Denial of Service (DDoS) attack. It turns out we do have some technology in our arsenal for this event, but it was only art photo for NL available in our NetGladiator product. Purchasing a full blown NetGladiator for a random attack is often not within the scope or budget for many of our customers. So, what if we could move this utility into our standard NetEqualizer base? We could then blanket a wide swath of our customers with DDoS protection as well as enhance the value of their NetEqualizer, and so that is what we have done. Read more about this exciting new offering below!

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

Are You Under Attack? NetEqualizer Can Help!

Software Update 8.2 is now available as a limited beta release and includes our new Distributed Denial of Service (DDoS) Monitor at no extra charge! In addition, our new DDoS Firewall tool (DFW) can be purchased as an add-on module for an additional fee.

The DDoS Monitor, which comes standard, shows you some basic metrics on the outside intrusion hit rate into your network. It can be used to spot anomalies which would indicate a likely DDoS attack in progress. See our detailed blog article on the subject for how this technology works. Here is a screenshot of the DDoS Monitor dashboard:

ddos

If you decide you need something more proactive to mitigate a DDoS attack, we have a solution for you! For a one time charge of $3,500, which includes one hour of training and consulting, we install our DDoS Firewall (DFW) feature, which can be configured to block standard DDoS attacks.

Also included in Software Release 8.2 is IPv6 Equalizing. We have updated our shaping algorithms to account for both IPv4 and IPv6 traffic. This enables us to provide QoS across a dual stack so that congestion is eased across all of your traffic.

Our recent efforts to include DDoS mitigation functionality and enhanced IPv6 tools were accelerated due to the fact that our customers were facing immediate impacts. We have not forgotten our promise to release RTR enhancements, which are still scheduled for release in the late spring/early summer of 2015.

You can read more about software update 8.2 here. We anticipate that the 8.2 release will be generally available in the March/April 2015 timeframe.

For questions about our DDoS offering, IPv6 shaping enhancements, or anything else, contact us anytime:

sales@apconnections.net
-or-
303-997-1300


Holiday Giving Campaign Results

Thanks to you, our year-end Holiday Giving Campaign was a success! We were able to give sizable monetary donations to three worthy charities in early 2015.

This is really what the holidays are all about, and we thank you for helping us to support these worthy causes:

1) Toys for Tots: The mission for Toys for Tots is to collect new, unwrapped toys during
October, November and December each year, and distribute those toys as Christmas gifts to less fortunate children in the community in which the campaign is conducted.

tft

2) The Hunger Project: The Hunger Project is a global, non-profit, strategic organization committed to the sustainable end of world hunger.

29DRt83

3) Doctors Without Borders: Doctors Without Borders works in nearly 70 countries providing medical aid to those most in need regardless of their race, religion, or political affiliation.

logo


NetEqualizer 2015 Tech Seminars

Are you interested in enhanced on-site training, as well as helping to influence the direction of our next major software release?

We have found over the years that our on-site Tech Seminars become great vehicles for customers to dig deep and derive extra value from their installed NetEqualizer(s).

For example, we have hunted down P2P users during these events, as well as validated security tools and enhanced shaping techniques. It is also a great opportunity for our engineering team to gain insight into the latest needs of our customer base.NetEqualizer Seminars

The obligation of the host is to simply provide a conference room for demo and discussion, and also to allow some live analysis of their network. This is not a sales presentation. If you are interested in hosting, let us know!

This year, we would love to have the opportunity to present in Western Europe if anyone in that part of the world is interested!

Contact us at:

sales@apconnections.net
-or-
303-997-1300


Best Of The Blog

Fourteen Tips to Make Your ISP/WISP More Profitable

By Art Reisman – CTO – APconnections

As the demand for Internet access continues to grow around the world, opportunities for service providers are emerging in markets far and wide. Yet, simply offering Internet service, even in untapped areas, does not guarantee long-term success. Just as quickly as your customer-base grows, the challenges facing ISPs and WISPs begin to emerge.

From competition to unhappy customers, the business venture that once seemed certain to succeed can quickly test the will of even the most battle-hardened and tech savvy business owners. However, there are ways to make the road to profitability a little smoother…

Photo Of The Month
drone
Aerial Photography from Remote Control Drone
Small remote control drones with cameras are becoming very popular in the United States. This particular shot was taken by a member of our staff in New Smyrna Beach, Florida. It is looking south toward Cape Canaveral.

Firewall Recipe for DDoS Attack Prevention and Mitigation


Although you cannot “technically” stop a DDoS attack, there are ways to detect and automatically mitigate the  debilitating  effects on your public facing servers.  Below, we shed some light on how to accomplish this without spending hundreds of thousands of dollars on a full service security solution that may be overkill for this situation.

Most of the damage done by a targeted DDoS attack is the result of the overhead incurred on your servers from large volume of  fake inquiries into your network. Often with these attacks, it is not the volume of raw bandwidth  that is the issue, but the reduced the slow response time due to the overhead on your servers.   For a detailed discussion of how a DDoS attack is initiated please visit http://computer.howstuffworks.com/zombie-computer3.htm zombie-computer-3d

We assume in our recipe below, that you have some sort of firewall device on your edge that can actually count hits into your network from an outside IP, and also that you can program this device to take blocking action automatically.

Note: We provide this type of service with our NetGladiator line.  As of our 8.2 software update, we also provide this in our NetEqualizer line of products.

Step 1
Calculate your base-line incoming activity.  This should be a running average of unique hits per minute or perhaps per second. The important thing is that you have an idea of what is normal. Remember we are only concerned with Un-initiated hits into your network, meaning outside clients that contact you without being contacted first.

Step 2
Once you have your base hit rate of incoming queries, then set a flag to take action ( step 3 below), should this hit rate exceed more than 1.5 standard deviations above your base line.  In other words if your hit rate jumps by statistically large amount compared to your base line for no apparent reason i.e .you did not mail out a newsletter.

Step 3
You are at step 3 because you have noticed a much larger than average hit rate of un-initiated requested into your web site. Now you need to look for a hit count by external IP. We assume that the average human will only generate at most a hit every 10 seconds or so, maybe higher. And also on average they will like not generate more than 5 or 6 hits over a period of a few minutes.  Where as a hijacked client attacking your site as part of a DDOS attack is likely to hit you at a much higher rate.  Identify these incoming IP’s and go to Step 4.

Step 4
Block these IP’s on your firewall for a period of 24 hours. You don’t want to block them permanently because it is likely they are just hijacked clients ,and also if they are coming from behind a Nat’d community ( like a University) you will be blocking a larger number of users who had nothing to do with the attack.

If you follow these steps you should have a nice pro-active watch-dog on your firewall to mitigate the effects of any DDoS attack.

For further consulting on DDoS or other security related issues feel free to contact us at admin@apconnections.net.

NetEqualizer News: January 2015


January 2015

Greetings!

Enjoy another issue of NetEqualizer News! This month, we highlight leasing a NetEqualizer with NO contract, discuss our new IPv6 shaping process, share a recent case study, and preview our 2015 price adjustments. As always, feel free to pass this along to others who might be interested in NetEqualizer News.

A message from Art…
Art Reisman, CTO – APconnections

As we kick off 2015, I am knee-deep once again in architecting solutions, which many of you know is what I love to do most! It feels good to start 2015 following my passion – I hope you are committing or re-committing to spend time doing those things that you love most. art

Speaking of architecture, this month I share with you the upcoming IPv6 Release (8.1v6) design. I also am excited to include our latest Case Study; we have captured Lutheran Health Network’s experience with the NetEqualizer. This large-scale NetEqualizer implementation is a great read, particularly for customers with multiple sites using varying bandwidths. And finally, we give you a preview of 2015 pricing. Some good news here – we have reduced prices on two license levels!

We love it when we hear back from you – so if you have a story you would like to share with us of how we have helped you, let us know. Email me directly at art@apconnections.net. I would love to hear from you!

The Joy of Leasing

In 2015, we are continuing our popular no-contract, monthly Leasing Program.

This program works best for several types of customers:leasing

1) Customers who need to align monthly expenditures with a monthly revenue stream.

2) Customers with limited budgets that need to reduce their upfront costs.

3) Customers who would like user-based pricing.

Why is leasing a NetEqualizer joyful? We think that our leasing program is superior to what you would find through a typical 3rd party lessor. We keep the process simple, and make it easy for you to participate. In fact, we started this program because we were tired of the long drawn-out process full of tons of paperwork, signatures, and waiting, while trying to work with lessors on behalf of our customers. We decided that we could do this better, and we think we have!

We have found this model popular, as customers can immediately get the benefits of a full-featured NetEqualizer without committing to a large upfront expenditure. And, there is no long-term commitment; if your needs change in the future, you can exit or modify your Lease Program as needed.

This model works well for businesses that would like to align their shaping costs with the number of users they have on their network, rather than the size of their network pipe. In smaller businesses, this enables customers to better align their costs with their actual potential revenue stream rather than their network size.

In the past several years, we have seen Schools, Business Centers and Internet Service Providers participate in our Monthly Leasing Program.

If this sounds of interest to you, call us to discuss or check out our Leasing Program to see if it meets your needs!

sales@apconnections.net
-or-
303-997-1300

Please note that the NetEqualizer Leasing Program is currently only available to customers in the United States and Canada.


Architecting the IPv6 Release (8.1v6)

We have word from a few customers running dual stacks that they do have enough IPv6 traffic that it needs to be addressed in the NetEqualizer shaper, especially during peak traffic times.

Now that IPv6 is becoming a reality in many networks, I am focusing my efforts on architecting our solution, which I share here:

We realized early on in our design choices that a customer running a dual stack may have two addressing schemes, but they still have one bandwidth link to shape as a whole. In other words, all the shaping decisions will be based on the total bandwidth across both sets of addresses, and not a separate decision for IPv6 and IPv4.

With that decision, the easiest way to accomplish this for reporting and shaping was to trick the IPv6 traffic into an IPv4 format, which is what we are going to do.

We examined real IPv6 traffic on a live network, and as expected the upper bytes in the address rarely, if ever, change. So by taking the lower 24 bits of the IPv6 address and mapping that into a locally unique IPv4 address, we can show and shape all the traffic in one table.

We will have Beta versions of 8.1v6 ready to run in late February. At that time we will also have examples and documentation on how to track and shape your IPv6 traffic on the NetEqualizer.

Stay tuned here to learn more about our IPv6 Release this Spring! And if you have any thoughts or input on IPv6 that you would like to share, shoot me an email at art@apconnections.net.


Case Study: Lutheran Health Networkcasestudy

Recently we received feedback from Lutheran Health Network (LHN) on how their NetEqualizer’s have helped to optimize their network infrastructure. It was so much great information that we captured it as a Case Study to share with you.

Jason Whiteaker, a Senior Network Engineer at LHN, describes their environment, what challenges they faced, solutions considered, and the great results they have had with the NetEqualizer in place. Read the full Case Study here to see how the NetEqualizer has been a technical and political “win-win” for the network team.

This Case Study demonstrates how the NetEqualizer works well in hub and spoke environments. To read more about how effective the NetEqualizer is at hub and spoke shaping, check out our blog article on the subject.


2015 NetEqualizer Pricing Preview

As promised in last month’s newsletter, all newsletter readers can now get an advance peek of our 2015 NetEqualizer Pricing! For a limited time, you can now preview of our 2015 Pricing here without registration. You can also view the Data Sheets for each model once in the 2015 Price List.

Our 2015 Pricing will be effective February 1st, 2015.

Key changes for 2015:

– Due to popular demand, we are adding two license levels to the NE3000 series: 500Mbps and 750 Mbps.
– Exciting news for folks looking at 100 or 150Mbps licenses. We have reduced prices on the 100Mbps and 150Mbps license levels, to better align our pricing model.
– And finally, as we are seeing more customers moving to higher bandwidth levels, we have decided to no longer offer the 10Mbps license in 2015.

If you are interested in user-based pricing, we are continuing to offer our Monthly Lease Program in 2015. You can read more about that in The Joy of Leasing in this month’s newsletter.

We will be using 2014 pricing through January, and all current quotes using the pricing will be honored for 90 days from the date the quote was originally given. However, if you have an outstanding quote on a 100 or 150Mbps unit, we will be happy to update it for you to use the new lower pricing.

We also continue to offer license upgrades on our newer NE2000’s. Remember that if you have a NE2000 purchased on or after August 2011, it is eligible for license upgrades and support. If you have an older NE2000, please contact us to discuss a trade-in.

If you have questions on pricing, feel free to contact us at:

sales@apconnections.net
-or-
303-997-1300


Best Of The Blog

How Does Your ISP Actually Enforce Your Internet Speed?

By Art Reisman – CTO – APconnections

Have you ever wondered how your ISP manages to control the speed of your connection? If so, you might find the following article enlightening. Below, we’ll discuss the various trade-offs used to control and break out bandwidth rate limits and the associated side effects of using those techniques…

Photo Of The Month
bird
Roseate Spoonbill from Merritt Island National Seashore
The best thing NASA did besides going to the moon was preserving miles and miles of shoreline on the east coast of Florida near Cape Canaveral. The Merritt Island bird loop is better than the wild animal safari you can take over at Disneyland, alligators and exotic birds like you have never seen before.
Follow

Get every new post delivered to your Inbox.

Join 58 other followers

%d bloggers like this: